Created
June 17, 2011 19:35
-
-
Save codersatx/1032131 to your computer and use it in GitHub Desktop.
A simple login class to do basic protection on a folder.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php if ( ! defined('BASEPATH')) exit('No direct access allowed'); | |
/** | |
* Handles a simple login scenario. | |
* | |
* @author Alex Garcia | |
* @copyright 2011 | |
*/ | |
class Login{ | |
//An array of values used in the system. | |
//@var array | |
public $config; | |
//--------------------------------------------------------------------------------- | |
/** | |
* Creates an instance of our Login object and sets the config values. | |
*/ | |
public function __construct() | |
{ | |
require_once('config.php'); | |
$this->config = $config; | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Attempts to authenticate a user based on the creds provided. | |
* | |
* @return mixed void or string error message. | |
*/ | |
public function do_login() | |
{ | |
if ('POST' == $_SERVER['REQUEST_METHOD']) | |
{ | |
$username = $this->_get_input('username'); | |
$password = $this->_get_input('password'); | |
if($this->_authenticate($username, $password)) | |
{ | |
session_start(); | |
$_SESSION['authenticated'] = 1; // store session data | |
session_write_close(); | |
header('Location:'. $this->config['default_page']); | |
} | |
else | |
{ | |
return $this->config['error_message']; | |
} | |
} | |
return false; | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Private method which checks the credentials. | |
* | |
* @param string $username | |
* @param string $password; | |
* @return boolean True if the user has entered the correct credentials, false by default. | |
*/ | |
private function _authenticate($username, $password) | |
{ | |
if ($this->config['username'] == $username AND $this->config['password'] == sha1($password)) | |
{ | |
return TRUE; | |
} | |
return FALSE; | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Gets the input values and cleans them for any unwanted chars. | |
* | |
* @param string $field_name The name of the field we want to get the posted values from. | |
* @return string; | |
*/ | |
private function _get_input($field_name) | |
{ | |
return htmlspecialchars($_POST[$field_name]); | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Checks to see if a user is logged in. | |
* | |
* @return boolean True if logged in, false by default. | |
*/ | |
public function is_logged_in() | |
{ | |
if (isset($_SESSION['authenticated'])) | |
{ | |
return$_SESSION['authenticated']; | |
} | |
return FALSE; | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Generates a hashed password from a string. | |
* | |
* @param string $password | |
* @return string | |
*/ | |
public function generate_password($password) | |
{ | |
$code = '<h1>Copy and paste this line in the config file.</h1>'; | |
$code .= '$config[\'password\'] = \''. sha1($password) .'\'; // '. $password; | |
return $code; | |
} | |
//--------------------------------------------------------------------------------- | |
/** | |
* Performs a logour operation by setting the session to an empty array and then | |
* destroying the session altogether. Once completed it returns the logout message | |
* located in the configuration. | |
* | |
* @param string $password | |
* @return string | |
*/ | |
public function do_logout() | |
{ | |
session_start(); | |
$_SESSION = array(); | |
session_destroy(); | |
return $this->config['logout_message']; | |
} | |
} | |
//Create new instance of the Login class | |
$login = new Login(); | |
//Run the do_login method | |
$message = $login->do_login(); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment